Flexible clients' addresses?
Martin Pauly
pauly at hrz.uni-marburg.de
Wed Dec 14 10:52:15 CET 2005
Hi,
I have some 150 new radius clients waiting at my doorstep.
Unfortunately their IP addresses are _not_ within a single
subnet. Most of them are, however, grouped into a bunch of
25 pseudo-subnets of the following kind:
client 192.168.<n>.240/28 {
    secret = somesecret
    shortname = somename
}
with n between 0 and 254.
Rather than putting 25+ entries of this kind into clients.conf,
I am looking for a more flexible way of client specification.
I have two ways in mind to approach the problem:
Approach 1:
Specify a subnet mask with a "hole":
client 192.168.0.240/255.255.0.28 {
    secret = somesecret
    shortname = somename
}
describes what I need when interpreted with bitwise netmask semantics.
This is currently not supported, but for what reason --
considered insane or simply not desired by anyone yet?
Approach 2 (more general):
Store the property of being a radius client in my LDAP database.
I found some older postings related to this:
On Jan 30, 2005, Alan walters wrote:
> > We have free radius working with ldap I have been looking for a way
> > to add our clients files to our ldap has anyone had any success with this
reply from "Mitchell, Michael J" <Michael.Mitchell at team.telstra.com>:
> I've actually been looking at this over the weekend. Have written some
> code, but haven't tested it yet. I'm hoping to get to that today
> sometime. I based it largely on what was done in the sql module, so it
> may need a bit of refinement.
>
> I believe Kostas has it on his todo list also. I'm happy to submit a
> "draft patch" for review and comment if it helps get this completed.
Has there been any progress on that? A quick look at src/main/client.c
has revealed nothing so far.
Thanks, Martin
--
Dr. Martin Pauly Fax: 49-6421-28-26994
HRZ Univ. Marburg Phone: 49-6421-28-23527
Hans-Meerwein-Str. E-Mail: pauly at HRZ.Uni-Marburg.DE
D-35032 Marburg
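
Added example, not part of the original post and not FreeRADIUS code: it generates the explicit client stanzas for a list of n and compares them with what a bitwise "holed" mask would accept, which shows that the hole admits every third-octet value sharing the secret, not only the intended ones. The list SAMPLE_N, the per-client shortname suffix and the mask value 255.255.0.240 (the /28 case written as a dotted mask) are assumptions.

```python
import ipaddress

# Constructed sample: the post does not list the 25 actual values of n.
SAMPLE_N = [0, 3, 17, 42, 254]


def render_clients(ns, secret="somesecret", prefix="somename"):
    """Emit one explicit clients.conf stanza per 192.168.<n>.240/28 block."""
    stanzas = []
    for n in ns:
        net = ipaddress.ip_network(f"192.168.{n}.240/28")
        stanzas.append(
            f"client {net} {{\n"
            f"    secret = {secret}\n"
            f"    shortname = {prefix}-{n}\n"  # hypothetical naming scheme
            f"}}\n"
        )
    return "".join(stanzas)


def holed_match(addr, base="192.168.0.240", mask="255.255.0.240"):
    """Bitwise netmask semantics: (addr & mask) == (base & mask)."""
    a = int(ipaddress.ip_address(addr))
    b = int(ipaddress.ip_address(base))
    m = int(ipaddress.ip_address(mask))
    return (a & m) == (b & m)


def explicit_match(addr, ns):
    """True if addr falls inside one of the explicitly listed /28 blocks."""
    ip = ipaddress.ip_address(addr)
    return any(ip in ipaddress.ip_network(f"192.168.{n}.240/28") for n in ns)


def over_accepted(ns):
    """Third-octet values the holed mask accepts but the explicit list does not."""
    return [n for n in range(256)
            if holed_match(f"192.168.{n}.241") and n not in ns]


if __name__ == "__main__":
    print(render_clients(SAMPLE_N))
    extra = over_accepted(SAMPLE_N)
    print(f"holed mask also accepts {len(extra)} unlisted /28 blocks")
```
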